GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

GitHub reviewed advisories

All reviewed 32,526
Composer 6,112
Erlang 86
GitHub Actions 54
Go 4,169
Maven 6,707
npm 6,686
NuGet 1,019
pip 5,531
Pub 13
RubyGems 1,102
Rust 1,421
Swift 61

Unreviewed advisories

All unreviewed 310,638

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

147,783 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay,... Moderate Unreviewed

CVE-2026-11987 was published Jun 27, 2026

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2026-9233 was published Jun 27, 2026

The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2026-3462 was published Jun 27, 2026

The Spexo theme for WordPress is vulnerable to unauthorized access due to a missing capability... Moderate Unreviewed

CVE-2026-12471 was published Jun 27, 2026

The Masteriyo LMS – LMS Course Builder, Quizzes & Certificates plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2026-11773 was published Jun 27, 2026

The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2026-12399 was published Jun 27, 2026

The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2026-13295 was published Jun 27, 2026

The WP Full Stripe Free plugin for WordPress is vulnerable to Missing Authorization in versions... Moderate Unreviewed

CVE-2026-12432 was published Jun 27, 2026

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login... Moderate Unreviewed

CVE-2026-9242 was published Jun 27, 2026

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay,... Moderate Unreviewed

CVE-2026-11783 was published Jun 27, 2026

The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-11597 was published Jun 27, 2026

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2026-11364 was published Jun 27, 2026

The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2026-13245 was published Jun 27, 2026

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2026-12404 was published Jun 27, 2026

The CodePeople Post Map for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-13335 was published Jun 27, 2026

The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to... Moderate Unreviewed

CVE-2026-13422 was published Jun 27, 2026

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2026-13333 was published Jun 27, 2026

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2026-13331 was published Jun 27, 2026

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a sensitive data exposure... Moderate Unreviewed

CVE-2025-59868 was published Jun 27, 2026

The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2026-11356 was published Jun 27, 2026

The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious... Moderate Unreviewed

CVE-2024-23581 was published Jun 26, 2026

Patool before 4.0.5 contains a path traversal vulnerability in the safe_extract() function in... Moderate Unreviewed

CVE-2026-29509 was published Jun 26, 2026

A flaw was found in KubeVirt's network annotation generator. When a tenant creates a... Moderate Unreviewed

CVE-2026-13434 was published Jun 26, 2026

An Improper Authorization vulnerability exists in PayloadCMS version 3.84.1 due to insufficient... Moderate Unreviewed

CVE-2026-11779 was published Jun 26, 2026

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute... Moderate Unreviewed

CVE-2023-20572 was published Jun 26, 2026

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

147,783 advisories